I notice that anyone with a computer that has itunes + iphone gets a nifty little service called AppleMobileDeviceService.exe. I also noticed that it listens on a TCP port and it runs as SYSTEM.
Before anyone gets super excited, I’m not going to drop a 0day in this post. I’m simply going to show you the process/menthod I used to listen to the network chatter…
I used my modified version of PAIMEIPeek.py to trace all calls to send() and recv(). I added context dumping as well so that I can see what registers hold the content that I sent. This is going to be used later to get/set the pointer to the buffer recv() fills.
Here is a video of the recv() and send() hooks doing their thing:
* NOTE: Switch to full screen for best resolution. I have no idea what this will look like scaled
Previous 
Next 
Categories
Tag Cloud
Blog RSS
Comments RSS
Last 50 Posts
Back
Void 
Life 
Earth 
Wind 
Water 
Fire